Back

Privacy Policy

We are delighted that you are interested in our company. Data protection has a particularly high priority for the management of magineer GmbH. It is generally possible to use the website of the magineer GmbH without providing any personal data. However, if a data subject wants to use special services of our enterprise via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain the consent of the data subject.


The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject shall always be in line with the General Data Protection Regulation and in accordance with the national data protection regulations applicable to Magineer GmbH. . With this data protection declaration, our company wishes to inform the public about the type, extent and purpose of the personal data that we collect, use and process. Data subjects are also informed of their rights under this data protection declaration.


As the data controller, magineer GmbH has implemented numerous technical and organisational measures to ensure that personal data processed via this website is protected as fully as possible. However, data transmissions over the internet can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, any person concerned is free to send us personal data by other means, for example by telephone.


1. Definitions

 

The data protection declaration of Magineer GmbH is based on the terms used by the European legislator for directives and regulations when issuing the General Data Protection Regulation (GDPR). Our data protection declaration should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

We use the following terms in this data protection declaration, among others:

 

a) personal data :

 

Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). A natural person is considered identifiable if he or she can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person.

 

b) person concerned :

 

The data subject is any identified or identifiable natural person whose personal data is processed by the controller.

 

c) Treatment :

 

Processing is any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, reading, interrogation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, deletion or destruction.

 

d) Limitation of processing :

 

Limiting processing is the marking of stored personal data with the aim of limiting its future processing.

 

 

e) Profiling :

 

Profiling is any type of automated processing of personal data which consists of using this personal data to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health or personality. To analyse or predict the preferences, interests, reliability, behaviour, location or movements of that natural person.

 

f) Pseudonymisation :

 

Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures ensuring that the personal data is not attributed to an identified or identifiable natural person.

 

g) Controller:

 

The controller or data processor is the natural or legal person, public authority, institution or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. If the purposes and means of such processing are determined by Union law or the law of a Member State, Union law or the law of a Member State may provide for the controller or the specific criteria for his appointment.

 

h) Processor :

 

The processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller.

 

i) Recipient : 

 

The recipient is a natural or legal person, a public authority, an institution or any other body to which personal data is disclosed, whether a third party or not. However, public authorities likely to receive personal data in the context of a specific investigation under Union law or the law of the Member States are not considered as recipients.

 

j) Third parties :

 

A third party is a natural or legal person, a public authority, an organisation or another body other than the data subject, the controller, the processor and persons authorised to process personal data under the direct responsibility of the controller or processor.

 

k) Consent :

 

Consent is any voluntary, informed and unambiguous expression of the wishes expressed by the data subject for a specific case, in the form of a declaration or other unambiguous act of confirmation, by which the data subject indicates that he or she agrees to the processing of personal data. concerning him or her is.

2. Name and address of the data controller

 

The person responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other data protection provisions is :

Magineer GmbH

Triftweg 4

64331 Weiterstadt

Germany

Tel: +49 (0) 6151-8608170

E-Mail : info@magineer.de

Website : www.magineer.de

3. Cookies

 

The magineer GmbH website uses cookies. Cookies are text files that are stored on a computer system via an Internet browser.

 

Many websites and servers use cookies. Many cookies contain what is known as a cookie identifier. A cookie identifier is a unique identifier for the cookie. It is a string of characters by which Internet pages and servers can be attributed to the specific Internet browser in which the cookie was stored. This enables the websites and servers visited to distinguish the individual browser of the person concerned from other Internet browsers containing other cookies. A specific Internet browser can be recognised and identified by the unique cookie ID.

 

By using cookies, magineer GmbH can provide users of this website with more user-friendly services that would not be possible without the cookie settings.

 

Thanks to a cookie, the information and offers on our website can be optimised for the user. As already mentioned, cookies enable us to recognise users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, users of a website that uses cookies do not have to re-enter their access data each time they visit the website, as this is done by the website and the cookie stored on the user's computer system. Another example is the shopping basket cookie in the online shop. The online shop uses a cookie to store the items that a customer has placed in the virtual shopping basket.

 

The person concerned may at any time prevent the installation of cookies via our website by means of an appropriate setting in the Internet browser used and thus permanently oppose the installation of cookies. In addition, cookies that have already been installed can be deleted at any time using an Internet browser or other software. This is possible in all common Internet browsers. If the person concerned deactivates the cookie settings in the Internet browser used, all the functions of our website may not be fully usable.

4. Collection of general data and information

 

The website of the magineer GmbH collects a series of general data and information whenever a data subject or automated system accesses the website. This general data and information is stored in server log files. What may be recorded are (1) the browser types and versions used, (2) the operating system used by the access system, (3) the website from which an access system accesses our website (referred to as referrers), (4) the sub-websites accessed via an access system on our website, (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet Service Provider of the access system and (8) other similar data and information.

The magineer GmbH does not draw any conclusions about the data subject from this general data and information. Rather, this information is necessary to (1) correctly provide the content of our website, (2) optimize the content of our website and related advertising, (3) ensure the long-term functionality of our IT systems and technology. of our website and ( 4) to provide law enforcement authorities with information necessary for criminal prosecution in the event of a cyber attack. This anonymously collected data and information is therefore evaluated by Magineer Lighting GmbH both statistically and with the aim of increasing data protection and data security in our company. to ultimately guarantee an optimal level of protection for the personal data we process. The anonymous data contained in the server log files is stored separately from any personal data provided by a data subject.

 

5. Contact via the website

 

Due to legal regulations, the website of the magineer GmbH contains information that enables a quick electronic contact to our enterprise and a direct communication with us, which also includes a general address for so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject will be stored automatically. This personal data transmitted voluntarily by a data subject to the data controller will be stored for the purposes of processing or contacting the data subject.

 

6. Systematic deletion and blocking of personal data

 

The data controller processes and stores the data subject's personal data only for the period necessary to achieve the purpose of storage or if required by the European legislator or another legislator in the laws or regulations to which the data controller is subject .

If the storage purpose no longer applies or if a storage period prescribed by the European legislator or another responsible legislator expires, the personal data will be blocked or deleted systematically and in accordance with the legal provisions.

 

7. Rights of the person concerned

 

a) Right to confirmation : 

 

Any data subject has the right, granted by the European legislator, to obtain confirmation from the controller that personal data concerning him or her is being processed. If a data subject wishes to exercise this right of confirmation, he or she may at any time contact an employee of the controller.

 

b) Right to information :

 

Any person affected by the processing of personal data has the right, granted by the European legislator, to obtain at any time and free of charge information from the controller on the personal data stored about him or her, as well as a copy of this information. In addition, the European legislator has granted the data subject access to the following information:

  • the purposes of the processing
  • the categories of personal data processed
  • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations
  • if possible, the period for which the personal data will be kept or, if this is not possible, the criteria for determining this period
  • the existence of a right to rectify or delete personal data concerning you or to limit processing by the data controller or a right to object to such processing
  • the existence of a right to lodge a complaint with a supervisory authority
  • if the personal data is not collected from the data subject: all available information on the origin of the data
  • the existence of automated decision-making, including profiling, in accordance with Article 22(1) and (4) of the GDPR and - at least in such cases - significant information about the logic involved and the extent and expected effects of such processing for the data subject
  • The data subject also has the right to know whether personal data has been transferred to a third country or to an international organisation. If this is the case, the data subject also has the right to receive information on the appropriate safeguards in connection with the transfer.
    If a data subject wishes to exercise this right to information, he or she may contact an employee of the data controller at any time.

 

c) Right of rectification :

 

Any person concerned by the processing of personal data has the right granted by the European legislator to request the immediate correction of incorrect personal data concerning him or her. Furthermore, the data subject has the right to request that incomplete personal data be completed, including by means of an additional declaration, taking into account the purposes of the processing.
If a data subject wishes to exercise this right of rectification, he or she may contact an employee of the data controller at any time.

 

d) Right of deletion (right to be forgotten) :

 

Any person affected by the processing of personal data has the right granted by the European legislator to ask the controller to delete his or her personal data immediately if one of the following reasons applies and the processing is not necessary:

    • Personal data has been collected or otherwise processed for purposes for which it is no longer required.
    • The data subject revokes his/her consent on which the processing was based in accordance with Article 6(1)(a) of the GDPR or Article 9(2)(a) of the GDPR and there is no other legal basis for the processing.
    • The data subject objects to the processing in accordance with Article 21(1) of the GDPR and there are no compelling legitimate grounds for the processing, or the data subject objects to the processing in accordance with Article 21(2) of the GDPR.
    • Personal data has been processed illegally.
    • The deletion of personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which the data controller is subject.
    • The personal data has been collected as part of the information society services offered in accordance with Article 8(1) of the RGPD.
 

If one of the aforementioned reasons applies, and a data subject wishes to have personal data stored by the magineer GmbH deleted, he or she may, at any time, contact any employee of the controller. The employee of the magineer GmbH will ensure that the request for deletion is complied with immediately.

 

If the personal data have been made public by magineer GmbH, and our company, as the controller, is obliged to delete the personal data pursuant to Article 17 (1) of the GDPR, magineer GmbH will also take appropriate measures, taking into account the available technology. and the technically necessary costs of implementation, in order to inform the other controllers who process the published personal data that the data subject requests these other controllers to delete all links to such personal data or copies or replications of such personal data that he or she has requested, provided that the processing is not required.The employee of the magineer GmbH will arrange the necessary measures in individual cases.

 

e) Right to limit processing : 

 

Any person affected by the processing of personal data has the right, granted by the European legislator, to ask the controller to restrict the processing if one of the following conditions is met:

    • The accuracy of personal data is contested by the data subject for a period allowing the data controller to verify the accuracy of the personal data.
  •  
    • The processing is unlawful, the data subject refuses the deletion of the personal data and requests instead that the use of the personal data be restricted.
  •  
    • The data controller no longer needs the personal data for the purposes of processing, but the data subject needs it to assert, exercise or defend legal claims.
  •  
    • The data subject has objected to the processing in accordance with Article 21(1) of the GDPR and it is not yet clear whether the data controller's legitimate reasons outweigh those of the data subject.

 

If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the personal data stored by the magineer GmbH, he or she may, at any time, contact any employee of the controller. The employee of the magineer GmbH will arrange the restriction of the processing.

 

f) Right to data portability :

 

Any person affected by the processing of personal data has the right granted by the European legislator to receive personal data concerning him or her, which he or she has provided to a controller, in a structured, common and machine-readable format. You also have the right to transmit this data to another controller without hindrance from the controller to whom the personal data was provided, provided that the processing is based on consent in accordance with Article 6, paragraph 1, letter a of the GDPR or Article 9, paragraph 2. letter a of the GDPR or on the basis of a contract in accordance with Article 6, paragraph 1, letter b of the GDPR and that the processing is carried out using automated procedures.

 

In addition, when exercising their right to data portability in accordance with Article 20(1) of the GDPR, data subjects have the right to have personal data transmitted directly from one controller to another, insofar as this is technically feasible and provided that it does not affect the rights and freedoms of others.

 

To assert his or her right to data portability, the data subject may at any time contact any employee of the magineer GmbH.

 

g) Right to object :

 

Any person affected by the processing of personal data has the right granted by the European legislator to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her on the basis of Article 6, paragraph 1, letter e or f RGPD, in order to lodge an objection. This also applies to profiling based on these provisions.


The Magineer GmbH will no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.

 

If magineer GmbH processes personal data for the purpose of direct advertising, the data subject shall have the right to object at any time to the processing of personal data for the purpose of direct advertising. This also applies to profiling insofar as it is related to such direct advertising. If the data subject objects to Magineer Lighting GmbH to the processing for direct marketing purposes, Magineer Lighting GmbH will no longer process the personal data for these purposes.

 

In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to the processing of personal data concerning him or her carried out by magineer GmbH for scientific or historical research purposes or for statistical purposes in accordance with Article 89(1) DS-OGM, unless such processing is necessary for the performance of a task carried out in the public interest.
In order to exercise the right to object, the data subject may contact any employee of the magineer GmbH or another employee directly. Furthermore, in the context of the use of information society services, the data subject is free, notwithstanding Directive 2002/58/EC, to exercise his/her right to object by means of automated procedures using technical specifications.

 

h) Automated decisions in individual cases, including profiling : 

 

 

Any person concerned by the processing of personal data has the right, granted by the European legislator, not to be subject to a decision based solely on automated processing - including profiling - which produces legal effects concerning him or her or significantly affects him or her in a similar way, provided that the decision (1) is not necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is based on Union law or the law of the Member State to which the controller is subject, is authorised and those legal provisions contain appropriate measures to safeguard the rights and freedoms and the legitimate interests of the data subject, or (3) takes place with the express consent of the data subject.

 

If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) it is based on the data subject's explicit consent, magineer GmbH shall implement suitable measures to safeguard the data subject's rights and freedoms and those entitled to protect the data subject's interests, which shall include at least the right to obtain human intervention on the part of the controller, to express his or her own point of view and to contest the decision.

 

If the data subject wishes to assert his/her rights concerning automated decisions, he/she may contact an employee of the controller at any time.

 

i) Right to revoke consent under the Data Protection Act : 

 

Any person concerned by the processing of personal data has the right, granted by the European legislator, to revoke their consent to the processing of personal data at any time.

If the data subject wishes to exercise his/her right to withdraw consent, he/she may contact an employee of the data controller at any time.

 

8. Data protection for applications and the application process

 

The data controller collects and processes applicants' personal data for the purpose of processing the application procedure. Processing may also take place electronically. This is particularly the case if an applicant sends the relevant application documents to the data controller electronically, for example by e-mail or via a web form on the website. 

If the data controller concludes an employment contract with an applicant, the data transmitted will be stored for the purpose of processing the employment relationship in accordance with the statutory provisions. If the controller does not conclude an employment contract with the applicant, the application documents will be automatically deleted two months after the announcement of the rejection decision, provided that deletion is not contrary to other legitimate interests of the controller. 

Other legitimate interests in this respect include, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).

 

9. Data protection rules for the application and use of Facebook

 

The data controller has integrated Facebook components into this website. Facebook is a social network.

 

A social network is a social meeting place operated on the Internet, an online community that generally allows users to communicate with each other and interact in a virtual space. A social network can serve as a platform for exchanging opinions and experiences, or enable the Internet community to provide personal or business-related information. Facebook allows users of the social network to create private profiles, upload photos and network via friend requests, among other things.

 

The operating company of Facebook is Facebook, Inc, 1 Hacker Way, Menlo Park, CA 94025, United States. If a data subject resides outside the United States or Canada, the data controller is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

 

Each time you access one of the individual pages of this website operated by the controller in which a Facebook component (Facebook plug-in) has been integrated, the Internet browser of the data subject's computer system is automatically activated by the corresponding Facebook component, resulting in a representation of the corresponding Facebook component being downloaded from Facebook. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook learns which specific sub-page of our website is visited by the person concerned.

 

If the person concerned is simultaneously logged in to Facebook, Facebook recognises which specific subpage of our website the person concerned visits each time they visit our website and for the duration of their stay on our website. This information is collected by the Facebook component and assigned by Facebook to the data subject's Facebook account. If the data subject clicks on one of the Facebook buttons integrated into our website, such as the "Like" button, or if the data subject makes a comment, Facebook assigns this information to the data subject's personal Facebook user account and stores this personal data. 

 

Facebook will always receive information via the Facebook component to the effect that the data subject has visited our website if the data subject is logged in to Facebook at the same time as accessing our website; this takes place irrespective of whether the data subject clicks on the Facebook component. If the data subject does not want this information to be transmitted to Facebook in this way, he or she can prevent transmission by logging out of his or her Facebook account before accessing our website.

 

The data policy published by Facebook, available at https://de-de.facebook.com/about/privacy/, provides information on the collection, processing and use of personal data by Facebook. It also explains the settings options offered by Facebook to protect the privacy of the data subject. There are also various applications that can be used to stop data being sent to Facebook. These applications can be used by the person concerned to stop data being sent to Facebook.

 

10. Data protection rules concerning the application and use of Google Analytics (with anonymisation function)

 

The controller has integrated the Google Analytics component (with anonymisation function) into this website. Google Analytics is a web analysis service. Web analysis is the collection, collation and evaluation of data about the behaviour of visitors to websites. A web analysis service collects, among other things, data on the website from which a data subject arrived at a website (known as the referrer), on the sub-pages of the website that were consulted or on the frequency and duration of a sub-page. was viewed. Web analysis is mainly used to optimise a website and analyse the cost-benefit ratio of Internet advertising.

 

The company operating the Google Analytics component is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.

 

The controller uses the "_gat._anonymizeIp" add-on for web analysis via Google Analytics. With this add-on, the IP address of the data subject's Internet connection is shortened and anonymised by Google if our website is accessed from a Member State of the European Union or from another State party to the Agreement on the European Economic Area.

 

The purpose of the Google Analytics component is to analyse the flow of visitors to our website. Google uses the data and information obtained, among other things, to evaluate the use of our website, to compile online reports for us showing the activities on our website and to provide other services related to the use of our website.

 

Google Analytics installs a cookie on the data subject's computer system. What cookies are has already been explained above. By installing the cookie, Google is able to analyse the use of our website. Whenever you access one of the individual pages of this website operated by the controller and in which a Google Analytics component has been integrated, the Internet browser of the data subject's computer system is automatically triggered by the corresponding Google Analytics software. component to transmit data to Google for online analysis purposes. As part of this technical procedure, Google acquires personal data, such as the IP address of the data subject, which Google uses, among other things.

 

The cookie is used to store personal information, such as the time of access, the location from which the access was made and the frequency of visits to our website by the person concerned. Each time you visit our website, this personal data, including the IP address of the Internet connection used by the person concerned, is transmitted to Google in the United States of America. This personal data is stored by Google in the United States of America. Google may pass on the personal data collected via this technical process to third parties.

 

The person concerned may at any time prevent the installation of cookies via our website, as already described above, by means of a corresponding setting on the Internet browser used and thus permanently oppose the installation of cookies. Such a setting on the Internet browser used would also prevent Google from installing a cookie on the data subject's computer system. Furthermore, a cookie that has already been installed by Google Analytics can be deleted at any time using the Internet browser or other software.

 

The data subject also has the opportunity to object to the collection of data generated by Google Analytics about the use of this website and the processing of such data by Google, and to prevent such collection and processing. To do this, the person concerned must download and install a browser add-on under the link https://tools.google.com/dlpage/gaoptout. This browser add-on instructs Google Analytics via JavaScript that no data or information about visits to the website will be transmitted to Google Analytics. Google regards the installation of the browser add-on as a contradiction. If the data subject's computer system is subsequently deleted, formatted or reinstalled, the data subject must reinstall the browser add-on in order to deactivate Google Analytics. If the browser add-on is uninstalled or deactivated by the data subject or another person within his or her sphere of control, the browser add-on can be reinstalled or reactivated.

 

Further information and the applicable Google data protection provisions can be found at https://www.google.de/intl/de/policies/privacy/ and http://www.google.com/analytics/terms/de.html. Google Analytics is explained in more detail at https://www.google.com/intl/de_de/analytics/.

 

11. Data protection rules for the application and use of Google+

 

The controller has integrated the Google+ button as a component of this website. Google+ is what is known as a social network. A social network is a social meeting place operated on the Internet, an online community that generally allows users to communicate with each other and interact in a virtual space. A social network can serve as a platform for exchanging opinions and experiences, or enable the Internet community to provide personal or business-related information. Google+ allows users of the social network to create private profiles, upload photos and network via friend requests, among other things.

 

The company operating Google+ is Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

 

Whenever one of the individual pages of this website operated by the controller, on which a Google+ button has been integrated, is visited, the Internet browser of the data subject's computer system is automatically prompted to display the corresponding Google+ button. via the corresponding Google+ button Google download button. As part of this technical process, Google learns which specific sub-page of our website is being visited by the data subject. More detailed information on Google+ can be found at https://developers.google.com/+/.

 

If the data subject is also logged into Google+, Google will recognise which specific sub-page of our website the data subject visits each time they visit our website and for the duration of their stay on our website. This information is collected via the Google+ button and assigned by Google to the data subject's Google+ account.

 

If you click on one of the Google+ buttons on our website and make a Google+1 recommendation, Google will assign this information to your personal Google+ user account and store this personal data. Google will store the Google+1 recommendation made by the person concerned and make it available to the public in accordance with the terms and conditions agreed to by the person concerned. A Google+1 recommendation given by the data subject on this website will then be stored on other Google services together with other personal data, such as the name of the Google+1 account used by the data subject and the photo stored there. Google search engine results, stored and processed in the data subject's Google account or elsewhere, for example on websites or in connection with advertisements. Google is also able to link your visit to this website with other personal data stored by Google. Google will also store this personal information in order to improve or optimise the various Google services.

 

Google will always be informed via the Google+ button that the data subject has visited our website if the data subject is logged in to Google+ at the same time as accessing our website; this occurs irrespective of whether or not the data subject clicks on the Google+ button.

 

If you do not want your personal data to be transmitted to Google, you can prevent this by logging out of your Google+ account before accessing our website.

 

Further information and the applicable Google data protection policy can be found at https://www.google.de/intl/de/policies/privacy/. Further information from Google on the Google+1 button can be found at https://developers.google.com/+/web/buttons-policy.

 

12. Data protection rules for the application and use of Instagram

 

The data controller has integrated components of the Instagram service into this website. Instagram is a service described as an audiovisual platform that allows users to share photos and videos and also to distribute this data on other social networks.

 

The operating company for the Instagram services is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

 

Each time you access one of the individual pages of this website operated by the controller on which an Instagram component (Insta button) has been integrated, the Internet browser of the data subject's computer system is automatically activated by the The respective Instagram component is prompted to download a representation of the corresponding component from Instagram. As part of this technical process, Instagram learns which specific subpage of our website is visited by the data subject.

 

If the data subject is simultaneously logged into Instagram, Instagram recognises which specific subpage the data subject visits each time they visit our website and for the duration of their stay on our website. This information is collected by the Instagram component and assigned by Instagram to the data subject's respective Instagram account. If the data subject clicks on one of the Instagram buttons integrated on our website, the transmitted data and information will be assigned to the data subject's personal Instagram user account and stored and processed by Instagram.

 

Instagram always receives information via the Instagram component according to which the data subject has visited our website if the data subject is logged in to Instagram at the same time as accessing our website; This takes place irrespective of whether or not the data subject clicks on the Instagram component. If the data subject does not want this information to be transmitted to Instagram, he or she can prevent transmission by logging out of his or her Instagram account before accessing our website.

 

Further information and the applicable Instagram data protection regulations are available at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

 

13. Data protection rules for the application and use of Jetpack for WordPress

 

The controller has integrated Jetpack into this website. Jetpack is a WordPress plug-in which offers the operator of a WordPress-based website additional functions. Among other things, Jetpack enables the website operator to gain an overview of visitors to the website. By displaying related articles and publications or the ability to share content on the site, it is also possible to increase the number of visitors. Security features are also built into Jetpack, so that a website using Jetpack is better protected against brute force attacks. Jetpack also optimises and accelerates the loading of images embedded on the website.

 

The operating company of the Jetpack plugin for WordPress is Automattic Inc, 132 Hawthorne Street, San Francisco, CA 94107, USA. The operating company uses tracking technology from Quantcast Inc, 201 Third Street, San Francisco, CA 94103, USA.

 

Jetpack installs a cookie on the data subject's computer system. What cookies are has already been explained above. Each time one of the individual pages of this website, operated by the controller and on which a Jetpack component has been integrated, is accessed, the Internet browser of the data subject's computer system is automatically prompted by the respective Jetpack component to retrieve data for analysis purposes in order to send it to Automattic. As part of this technical process, Automattic receives data which is then used to create an overview of visits to the website. The data obtained in this way is used to analyse the behaviour of the data subject who has accessed the website of the controller and is evaluated with the aim of optimising the website. The data collected via the Jetpack component will not be used to identify the data subject without the data subject's prior separate and express consent. The data is also brought to the attention of Quantcast. Quantcast uses the data for the same purposes as Automattic.

 

The person concerned may at any time prevent the installation of cookies via our website, as already described above, by means of a corresponding setting on the Internet browser used and thus permanently oppose the installation of cookies. Such a setting on the Internet browser used would also prevent Automattic/Quantcast from installing a cookie on the computer system of the person concerned. In addition, cookies already installed by Automattic can be deleted at any time via the Internet browser or other software.

 

The data subject also has the option of objecting to and preventing the collection of data generated by the Jetpack cookie relating to the use of this website and the processing of this data by Automattic/Quantcast. To do this, the person concerned must press the unsubscribe button under the https://www.quantcast.com/opt-out/ link, which sets an unsubscribe cookie. The unsubscribe cookie set with the objection is stored on the computer system used by the person concerned. If the cookies on the data subject's system are deleted after an objection, the data subject must access the link again and set a new unsubscribe cookie.

 

However, by setting the unsubscribe cookie, it is possible that the data controller's website will no longer be fully usable by the data subject.

 

Automattic's applicable privacy policy is available at https://automattic.com/privacy/. Quantcast's applicable privacy policy is available at https://www.quantcast.com/privacy/.

 

14. Data protection rules for the application and use of Twitter

 

The controller has integrated Twitter components into this website. Twitter is a publicly accessible multilingual microblogging service on which users can publish and broadcast tweets, i.e. short messages limited to 280 characters. These short messages are accessible to everyone, including people who are not connected to Twitter. Tweets are also displayed to so-called followers of the user concerned. Followers are other Twitter users who follow a user's tweets. Twitter also makes it possible to reach a wide audience via hashtags, links or retweets.

 

Twitter's operating company is Twitter, Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, United States.

 

Each time you access one of the individual pages of this website operated by the controller on which a Twitter component (Twitter button) has been integrated, the Internet browser of the data subject's computer system is automatically activated by the The corresponding Twitter component is prompted to download a representation of the corresponding Twitter component from Twitter. Further information on Twitter buttons can be found at https://about.twitter.com/de/resources/buttons. As part of this technical process, Twitter learns which specific sub-page of our website is visited by the data subject. The purpose of integrating the Twitter component is to enable our users to redistribute the content of this website,

 

If the person concerned is simultaneously connected to Twitter, Twitter recognises which specific subpage of our website the person concerned visits each time they visit our website and for the duration of their stay on our website. This information is collected by the Twitter component and assigned by Twitter to the respective Twitter account of the person concerned. If the data subject clicks on one of the Twitter buttons integrated into our website, the data and information transmitted will be assigned to the data subject's personal Twitter user account and stored and processed by Twitter.

 

Twitter is always informed via the Twitter component that the data subject has visited our website if the data subject is logged in to Twitter at the same time as accessing our website; this occurs irrespective of whether or not the data subject clicks on the Twitter component. If the data subject does not want this information to be transmitted to Twitter in this way, he or she can prevent transmission by logging out of his or her Twitter account before accessing our website.

 

The applicable Twitter data protection regulations are available at https://twitter.com/privacy?lang=de.

 

 

15. Provisions relating to data protection when using and using YouTube

 

The controller has integrated YouTube components into this website. YouTube is a video portal on the Internet which allows video publishers to publish video clips free of charge and other users to view, rate and comment on them free of charge. YouTube allows all types of videos to be published, which is why complete films and television programmes, as well as music videos, trailers and user-generated videos, can be accessed via the Internet portal.

 

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, United States. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

 

Each time you access one of the individual pages of this website operated by the controller on which a YouTube component (YouTube video) has been integrated, the Internet browser of the data subject's computer system is automatically activated by the relevant YouTube. The component is prompted to download a representation of the corresponding YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google receive information about the specific subpage of our website visited by the data subject.

 

If the data subject is simultaneously connected to YouTube, YouTube recognises which specific sub-page of our website the data subject visits when accessing a sub-page containing a YouTube video. This information is collected by YouTube and Google and attributed to the data subject's respective YouTube account.

 

YouTube and Google will always receive information via the YouTube component that the data subject has visited our website if the data subject is logged in to YouTube at the same time as accessing our website; this occurs irrespective of whether or not the data subject clicks on a YouTube video. If the data subject does not want this information to be transmitted to YouTube and Google, he or she can prevent transmission by logging out of his or her YouTube account before accessing our website.

 

The data protection policies published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy/, provide information on the collection, processing and use of personal data by YouTube and Google.

 

16. Legal basis for processing

 

Article 6 I lit. a of the GDPR serves as the legal basis for our company for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, of processing operations necessary for the delivery of goods or the provision of any other service or In consideration, the processing is based on Article 6 I lit. b of the GDPR. The same applies to processing necessary for the performance of pre-contractual measures, for example in the case of requests for information about our products or services. 

 

If our company is subject to a legal obligation requiring the processing of personal data, for example to fulfil tax obligations, the processing is based on Article 6 I lit. c of the GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were injured on our premises and his or her name, age, health insurance details or other vital information then had to be passed on to a doctor, hospital or other third party. The processing would then be based on Article 6 I, point d) of the GDPR. Eventually, processing could be based on Article 6 I lit. f Based on the GDPR. Processing that is not covered by any of the above legal bases is based on this legal basis if the processing is necessary for the protection of a legitimate interest of our company or of a third party, provided that the interests, fundamental rights and freedoms of the data subject do not prevail. We are authorised to carry out such processing in particular because it has been specifically mentioned by the European legislator.

 

 In this regard, it considers that a legitimate interest may be presumed if the data subject is a customer of the controller (Recital 47, sentence 2 of the GDPR). if the processing is necessary to protect a legitimate interest of our company or of a third party, provided that the interests, fundamental rights and freedoms of the data subject do not override it. We are authorised to carry out such processing in particular because it has been specifically mentioned by the European legislator. In this regard, it considers that a legitimate interest may be presumed if the data subject is a customer of the controller (Recital 47, sentence 2 of the GDPR). if the processing is necessary to protect a legitimate interest of our company or of a third party, provided that the interests, fundamental rights and freedoms of the data subject do not override it. We are authorised to carry out such processing in particular because it has been specifically mentioned by the European legislator. In this respect, it considers that a legitimate interest may be presumed if the data subject is a customer of the data controller (recital 47, sentence 2 of the GDPR).

 

17. Legitimate interests in the processing pursued by the controller or a third party

 

If the processing of personal data is based on Article 6 I lit. f of the GDPR, our legitimate interest is to carry out our business activities for the benefit of all our employees and shareholders.

 

18. How long personal data will be kept

 

The criterion for the retention period of personal data is the respective legal retention period. Once this period has expired, the data concerned will be systematically deleted, unless it is no longer required for the performance of the contract or the initiation of a contract.

 

19. Legal or contractual requirements for the provision of personal data; Necessity for the conclusion of the contract; Obligation of the data subject to provide personal data; possible consequences of non-provision

 

We would like to point out that the provision of personal data is partly required by law (e.g. tax regulations) or may also result from contractual provisions (e.g. information about the contractual partner). In order to conclude a contract, it may sometimes be necessary for a data subject to provide us with personal data which we must then process. For example, the data subject is obliged to provide us with personal data if our company enters into a contract with him or her. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before the data subject provides personal data, he or she must contact one of our employees.

 

20. Existence of automated decision-making

 

As a responsible company, we do not use automatic decision-making or profiling.

 

This data protection declaration was created by the data protection declaration generator of DGD Deutsche Gesellschaft für Datenschutz GmbH, acting as external data protection officer for Munich, in cooperation with the data protection lawyer Christian Solmecke .